Authorization Bypass in Monetag Official Plugin by Monetag
CVE-2026-24551

5.4MEDIUM

Key Information:

Vendor: WordPress
Status: Monetag Official Plugin
Vendor: CVE Published:; 23 January 2026

What is CVE-2026-24551?

The Monetag Official Plugin for WordPress suffers from a missing authorization vulnerability that enables attackers to exploit incorrectly configured access control security levels. This flaw can potentially allow unauthorized users to gain access to restricted areas of a site. This issue affects the Monetag Official Plugin versions from n/a up to and including 1.1.3. Website administrators should assess their plugin configurations to mitigate potential risks associated with unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Monetag Official Plugin <= n/a

References

https://patchstack.com/database/Wordpress/Plugin/monetag-...

vdb-entry

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 23, 2026
Vulnerability Reserved
Jan 23, 2026

Credit

Nabil Irawan | Patchstack Bug Bounty Program

JSON

WordPress